#kops (2019-02)

Discussions related to kops for kubernetes

Archive: https://archive.sweetops.com/kops/

2019-02-04

joshmyers avatar
joshmyers
03:47:18 PM

@Jan Any gotchas with implementing aws-iam-authenticator ? did you use https://github.com/cloudposse/terraform-aws-kops-iam-authenticator-config ?

cloudposse/terraform-aws-kops-iam-authenticator-config

Terraform module to create and apply a Kubernetes ConfigMap for aws-iam-authenticator to be used with Kops to map IAM principals to Kubernetes users - cloudposse/terraform-aws-kops-iam-authentica…

Jan avatar
Jan
03:48:12 PM

heya

joshmyers avatar
joshmyers
03:49:01 PM

Using the geodesic flag? https://github.com/cloudposse/geodesic/blob/master/rootfs/templates/kops/default.yaml#L54

cloudposse/geodesic

Geodesic is the fastest way to get up and running with a rock solid, production grade cloud platform built on top of strictly Open Source tools. ★ this repo! https://slack.cloudposse.com/ - clou…

Jan avatar
Jan
03:49:04 PM

um shew let me think

Jan avatar
Jan
03:49:15 PM

I dont think so

Jan avatar
Jan
03:49:20 PM

let me see what we did

Jan avatar
Jan
03:50:49 PM

in the middle of a refactor, please remind me later

joshmyers avatar
joshmyers
03:51:17 PM

np

Jan avatar
Jan
08:23:16 PM

@Tim ball is on your court

Tim avatar
Tim
08:23:21 PM

@Tim has joined the channel

2019-02-05

joshmyers avatar
joshmyers
04:58:13 PM

@Tim / @Jan How are you getting your kubecfg into place, that supports the aws-iam-authenticator ?

Tim avatar
Tim
05:02:11 PM

Yes we are using the cloudposse AWS IAM authenticator config map

joshmyers avatar
joshmyers
05:02:19 PM

Nice

Tim avatar
Tim
05:02:26 PM

The changes in the cluster config I have already seen on your side but it was removed

Tim avatar
Tim
05:02:32 PM

Will look into it tomorrow

joshmyers avatar
joshmyers
05:02:52 PM

How are you writing the kubecfg ?

Tim avatar
Tim
05:03:29 PM

Just adding the authentication webhook endpoint and installed a hook which pulls certs and stuff like that from s3

Tim avatar
Tim
05:03:47 PM

I have seen a commit on the cloudposse side doing exactly the same but it was removed ^^

Tim avatar
Tim
05:04:09 PM

Right now I don’t have the cluster config here. But I can provide it to you tomorrow

joshmyers avatar
joshmyers
05:05:39 PM

Cool, just wondering as kops export kubecfg doesn’t contain the users block that uses aws-iam-authenticator so wondering how you are doing it

Tim avatar
Tim
05:18:35 PM

Got it. This is what I was referring to: https://github.com/cloudposse/geodesic/pull/345/files

[kops/template] Update `aws-iam-authenticator` by aknysh · Pull Request #345 · cloudposse/geodesic

what [kops/template] Update aws-iam-authenticator settings why Kubernetes 1.10 and newer has aws-iam-authenticator installed by default, no need to add scripts to install it from S3 references …

Tim avatar
Tim
05:19:40 PM

Not sure how this does “fix iam authenticator” But that’s the config you need. Additional creating certificates and the config map

Tim avatar
Tim
05:20:31 PM

It says kubernetes comes with it by default but we were not able to get it working without these changes

Tim avatar
Tim
05:23:25 PM

https://github.com/kubernetes/kops/blob/master/docs/authentication.md#kopeio-authentication hmm

kubernetes/kops

Kubernetes Operations (kops) - Production Grade K8s Installation, Upgrades, and Management - kubernetes/kops

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
03:53:54 AM

I love #variant

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
03:53:56 AM

check this out

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
03:53:56 AM

https://github.com/cloudposse/geodesic/pull/378/files

[kopsctl] add commands to facilitate management of cluster by osterman · Pull Request #378 · cloudposse/geodesic

what Add commands to easily rotate a kops cluster's ssh keys Add command to easily connect to a kops cluster Add command to see a kops plan why This are routine operations that are complicat…

2019-02-14

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
05:20:15 AM

set the channel description: Discussions related to kops for kubernetes Archive: https://archive.sweetops.com/kops/

2019-02-18

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
09:21:59 PM

Anyone have success launching t3.* instances with kops? https://github.com/kubernetes/kops/issues/5755

Launching `t3.medium` EC2 instance failed · Issue #5755 · kubernetes/kops
  1. What kops version are you running? The command kops version, will display this information. Version 1.10.0 (git-782ff1358) This is branch release-1.10 with #5681 cherry-picked 2. What Kubernetes…
daveyu avatar
daveyu
07:28:48 PM

i wanted to try, saw that support was added kops 1.11, but i got stuck figuring out how to upgrade kops in geodesic without forking packages

Launching `t3.medium` EC2 instance failed · Issue #5755 · kubernetes/kops
  1. What kops version are you running? The command kops version, will display this information. Version 1.10.0 (git-782ff1358) This is branch release-1.10 with #5681 cherry-picked 2. What Kubernetes…
Jan avatar
Jan
03:03:10 PM

we use t3

Jan avatar
Jan
03:04:41 PM
kops version
Version 1.10.0

2019-02-19

2019-02-22

Jan avatar
Jan
03:02:53 PM

um

Jan avatar
Jan
03:03:55 PM

t3 medium and large

Jan avatar
Jan
03:04:09 PM

and c5 large

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
05:45:49 PM

ok, are you on kops 1.11?

2019-02-24

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
09:23:58 PM

has anyone looked into using “App Mesh” with kops?

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
09:23:59 PM

https://github.com/awslabs/aws-app-mesh-examples

awslabs/aws-app-mesh-examples

AWS App Mesh is a service mesh that you can use with your microservices to manage service to service communication. - awslabs/aws-app-mesh-examples

    keyboard_arrow_up